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DETAILED ACTION 
Response to Amendment 

1 . This action is in response to the communication dated June 30, 2006 with the 
amendments to claims 2-4, 6-11, 13-14, 16-24, 26-27, 29-31, 34-35, 40 and 43-45, and 
the cancellation of claims 1, 12, 15 and 25. 

Claims 2-11, 13-14, 16-24 and 26-45 are pending. 

Response to Arguments 

2. The declaration filed on July 5, 2006 under 37 CFR 1 .131 has been considered 
but is ineffective to overcome the Brendel (US 6,772,333) and Johnson (US 6,529,885) 
references. 

3. The declaration is not signed by the inventor (see MPEP 715.04, any affidavit 
under 37 CFR 1.131 could be signed by only the inventor(s) of the subject matter of the 
rejected claims). 

4. The evidence submitted is insufficient to establish a clear descriptive conception 
of the invention prior to the effective date of the Brendel (US 6,772,333) and Johnson 
(US 6,529,885) references. While conception is the mental part of the inventive act. it 
must be capable of proof, such as by demonstrative evidence or by a complete 
disclosure to another. Conception is more than a vague idea of how to solve a problem. 
The requisite means themselves and their interaction must also be comprehended. See 
Mergenthaler V. Scudder, 1897 CD. 724, 81 O.G. 1417 (D.C. Cir. 1897). For example, 
claim 36 requires 
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"(d) the first computing device communicating, to the second computing device 
over an untrusted network, the first datum with encryption; and 

(e) the first computing device communicating, to the second computing device 
over the untrusted network, the second datum without encryption, wherein steps (d) and 
(e) occur at least substantially simultaneously." 
It is not clear where these limitations supported in the Exhibits A and B. 

5. The evidence submitted is insufficient to establish diligence from a date prior to 
the date of reduction to practice of the Brendel (US 6,772,333) and Johnson (US 
6,529,885) references to either a constructive reduction to practice or an actual 
reduction to practice. There is no showing of any evidences during the critical period 
starting just prior to 9/24/1999 until 11/8/1999. 

6. Applicant's arguments with respect to claims 2-11, 13-14, 16-24 and 26-45 have 
been fully considered but they are not persuasive. The applicant argues that Brendel 
does not disclose confidential and non-confidential information in the same Web page 
are sent encrypted and unencrypted, respectively. Examiner addressed it in the 
previous office action and Johnson (US 6,529,885) was relied on for the teaching of 
claimed limitation (col. 9, lines 29-45). The applicant argues Johnson discloses the 
encryption used by the Web's buyer's home bank's server is applied locally after the 
password is received by the server and not before. Examiner respectfully disagrees, 
Johnson clearly indicates "the Web buyer may select both ID and password, be 
assigned both ID and password, or any permutation thereof. The Web buyer's home 
bank then stores the assigned ID and encrypts the password. Preferably, the encryption 
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of the Web buyer's password at the Web's buyer is different than the encryption scheme 
inherent in the SSL" (col. 9, lines 37-43). Clearly Johnson discloses the encryption in his 
invention is different than the way SSL servers encrypt everything, in particular Johnson 
describes encrypting only the password. The applicant argues that Gregg discloses all 
of the login parameters are encrypted and sent over the untrusted network. Examiner 
respectfully indicates that Gregg does not disclose the purpose of sending all login 
parameters (i.e. user name, password, digital ID) to the client cryptographer, however 
Gregg does specifically disclose encrypting only the password and the digital ID among 
the login parameters, his teaching clearly reads on the claimed limitation of 
communicating first datum with encryption and second datum without encryption over 
an untrusted network. 

Claim Objections 

7. Claims 2-4, 6, 13, 16-18, 20, 23, 26, 30 and 34 are objected to because of the 
following informalities: the phrase "wherein the first and datum are communication in a 
message" appears to miss an element. It should be "wherein the first and second 
datum are communication in a message". Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
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invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 2, 13-14, 16, 23, 26-32, 34-37, 39-42 and 44-45 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Brendel (6,772,333) in view of Johnson 
(6,529,885). 

a) As to claims 36 and 39-40, Brendel discloses a system and method for 
load balancing among servers when both clear text and encrypted sessions in e- 
Commerce web sites from one client are assigned to a same server (col. 13, lines 9-18) 
comprising a) a browser on the first computing device providing a Web page to a user 
(i.e. clients interact with servers over the Internet via web browsers and web servers, 
col. 1 , lines 13-23), the Web page comprising at least first and second input fields for 
input from the user and at least a first presentation field associated with the at least first 
(i.e. credit card) and second (i.e. purchased items) input fields (col. 10, lines 21-34); b) a 
program on the first computing device receiving a message from the user (col. 1 1 , lines 
46-47), wherein the message comprises at least a first and a second datum input by the 
user into the at least first and second input fields, respectively, of the Web page, 
wherein the first datum (i.e. credit card information) is confidential to the user and the 
second datum (i.e. purchased items) is non-confidential to the user; c) the program 
identifying that the first datum is confidential and the second datum is non-confidential 
(i.e. acknowledging that only financial information such as credit card information may 
be encrypted, col. 1 lines 37-42); d) the first computing device communicating to the 
second computing device over an untrusted network, the first datum with encryption and 
e) the first computing device communicating to the second computing device over the 
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untrusted network, the second datum without encryption wherein steps (d) and (e) occur 
at least substantially simultaneously (col. 1 , lines 53-58). 

Brendel does not explicitly disclose the Web page displays simultaneously to the 
user the first and second input fields. 

Johnson discloses methods and systems for securely carrying out electronic 
transactions comprising the Web page displays simultaneously to the user the first and 
second input fields (col. 9, lines 29-45; the user may select ID and password from the 
Web browser, only the password gets encrypted). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of having the Web page displays simultaneously to the user 
the first and second input fields in the system of Brendel as Johnson teaches so as to 
effectively manage each data in each field. 

b) As to claims 44 and 45, Brendel discloses a system and method for load 
balancing among servers when both clear text and encrypted sessions in e-Commerce 
web sites from one client are assigned to a same server (col. 13, lines 9-18) comprising 
at a first computing device, receiving input information from a Web page displayed to a 
user (i.e. clients interact with servers over the Internet via web browsers and web 
servers, col. 1, lines 13-23), the input information comprising at least first (i.e. credit 
card number) and second datum (i.e. purchased items) corresponding respectively to at 
least first and second user input fields (col. 10, lines 21-34); at the first computing 
device, a program determining which of the at least first and second user input fields 
contains confidential information (col. 11, lines 46-47), wherein the first datum is 
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confidential to the user and the second datum is not confidential to the user (i.e. the 
determination is made by encrypting the confidential data, credit card number, and not 
encrypting non-confidential data, purchased items. This determination also reflects on 
acknowledging that the load on the server machine can be reduced by limiting the 
amount of data that is encrypted before being sent over the Internet, col. 1 , lines 35-37); 
the first computing device communicating the first datum to a second computing device 
over an untrusted network with encryption of the first datum and the first computing 
device communicating the second datum over the untrusted network to the second 
computing device without encryption of the second datum (col. 1, lines 53-58). 

Brendel does not explicitly disclose at least first and second input fields is from a 
single, displayed Web page. 

Johnson discloses methods and systems for securely carrying out electronic 
transactions comprising the Web page displays simultaneously to the user the first and 
second input fields (col. 9, lines 29-45; the user may select ID and password from the 
Web browser; the ID, password and other requisite identification information are on a 
single, displayed Web page and only the password gets encrypted). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of having the Web page displays simultaneously to the user 
the first and second input fields in the system of Brendel as Johnson teaches so as to 
effectively manage each data in each field. 

c) As to claims 2, 16, 37 and 42, Johnson discloses the first and datum are 
communicafion in a message and the step of communicating the first datum of the 
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message with encryption of the first datum and the step of communicating the second 
datum of the message without encryption of the second datum comprise the step of 
communicating the first datum with encryption and the second datum without encryption 
in a same packet that comprises the message (col. 9, lines 29-45). 

d) As to claims 13-14 and 26-27, Brendel discloses the first and datum are 
communication in a message and the step for the first computing device to 
communicate the encrypted and. non-encrypted data with the second computing device 
through the Web browsers in which the credit card number is encrypted and purchased 
items are non-encrypted (col. 10, lines 21-34). 

e) As to claim 23, Brendel discloses the first and datum are communication 
in a message and the second computing device employs the procedure to encrypt the 
first datum for communication of the first datum of the message from the second 
computing device to the first computing device (col. 10, lines 32-34). 

f) As to claim 28, it has the same limitations as claim 44, further the 
computer readable program code reads on any matter for carrying software. 

g) As to claim 29, Brendel discloses the method wherein the first datum is 
confidential information to a user (i.e. credit card number, col. 10, lines 32-34) and the 
second datum is non-confidential information to the user (i.e. purchased items, col. 10, 
lines 23-30). 

h) As to claims 30 and 34, Brendel discloses the first and datum are 
communication in a message and the method further comprising: 
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i) receiving the input information from a user, the input information 
comprising a plurality of input fields (i.e. web pages for selecting product for purchase 
and for entering the credit card information, col. 10, lines 21-34). 

ii) determining each input field comprising confidential information to 
the user and each input field comprising non-confidential information to the user, 
wherein the first datum (i.e. credit card number) is confidential information and the 
second datum (i.e. purchased items) is non-confidential information (col. 1, lines 37-42). 

i) As to claims 31 and 41, Brendel discloses the method wherein the 
communicating steps occur at least substantially simultaneously (col. 1, lines col. 1, 
lines 53-58). 

j) As to claims 32 and 35, Brendel discloses the method wherein the 
communicating steps comprise: 

i) encrypting the information in each of the input fields identified as 
comprising confidential information (col. 1, lines 53-56). 

ii) not encrypting the information in each of the input fields identified 
as comprising non-confidential information (col. 1, lines 56-58). 

10. Claims 3 and 17 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Brendel (6,772,333) in view of Johnson (6,529,885) and further in view of Trcka et al. 
(2001/0039579). 

Trcka discloses a network system monitors and records traffic present on the 
network comprising data packets with media header is either encrypted or unencrypted 
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(Fig. 6a, i.e. encrypted data packets are transmitted separately from unencrypted data 
packets). 

It would be obvious to one of ordinary skill in the art at the time of the invention to 
employ the use of communicating the unencrypted data in a second packet of the 
message different from the first packet of encrypted data of the message in the system 
of Brendel and Johnson, as Trcka teaches so as to easily track data packets. 

11. Claims 4-7, 11, 18-20 and 24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Brendel (6,772,333) in view of Johnson (6,529,885) and further in 
view of Gregg etal. (6,516,416). 

a) As to claims 4-5, 11, 18-19 and 24, Gregg indicates the same path 
comprising TCP/IP passage (col. 5, lines 56-61) is used for encrypted and non- 
encrypted data communications between first computing device and the second 
computing device. Moreover the system is designed to use the interactive model of the 
WWW for client server transactions on the Internet (Abstract ). 

b) As to claims 6, 7 and 20, Gregg shows password and digital ID are 
encrypted by a key (col. 17, lines 32-34) and the key is communicated from the second 
computing device to the first computing device (col. 17, lines 32-35). 

12. Claims 8-9 and 21-22 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Brendel (6,772,333) in view of Johnson (6,529,885) and further in view of Schneier 
(Applied cryptography). 
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Brendel does not disclose a second key is employed to decrypt the first datum of 
the message and the first and second key comprised a matched key to communicate 
the encrypted data. 

Schneier discloses communications using symmetric cryptography wherein the 
second key is used to decrypt the encrypted message (page 28, item (5)) and the first 
(page 28, item (3)) and second key comprised a matched key (page 28, item (5)) to 
communicate the encrypted data. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of a second key to decrypt the first datum of the message 
and the first and second key comprised a matched key to communicate the encrypted 
data in the system of Brendel and Johnson, as Schneier teaches so as to protect the 
sensitive data. 

13. Claims 10, 33, 38 and 43 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Brendel (6,772,333) in view of Johnson (6,529,885) and further in 
view of Johnson et al. (5,923,885). 

a) ' As to claims 10 and 38, Brendel discloses the web page comprises 
hypertext markup language (col. 12, lines 14-17), wherein the first datum comprises the 
credit card number (col. 10, lines 32-34), wherein the second datum comprises 
information related to a purchase by the user (col. 10, lines 23-27). 

Brendel implicitly discloses the program (col. 1, lines 37-42) is embedded in the 
Web page and is loaded (col. 12, lines col. 12, lines 18-22). 
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Johnson et al. discloses method and software for dynamically modifying 
computer interfaces so that users can access and operate software distributed across a 
computer network using software application, more particularly the applet software that 
is downloaded from the server to client (col. 6, lines 33-49; col. 11, lines 35-64). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of embedding the program in the web page and loading the 
program on the first computing device after the Web page is received in the system of 
Brendel, as Johnson teaches so as to create dynamic Web applications. 

b) As to claims 33 and 43, please see above addressed claims 10 and 38. 

Conclusion 

14. Applicants amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

15. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dieu Nguyen whose telephone number is 571-272- 
3873. The examiner can normally be reached on M-F 6:00-2:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.qov . Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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